Use concurrent ruby fixed version for test (saml-idp#230)

* Squash commits for saml_idp gem * [feat] Allow SP config force signature validation (#16) * Allow SP config force signature validation * Allow SP config force signature validation Tested with Slack with Authn request signature option --------- Co-authored-by: zogoo <[email protected]> * [feat] Don’t ignore certificates without usage (#17) I have tested with live SAML SP apps and it works fine * Unspecified certifciate from SP metadata --------- Co-authored-by: zogoo <[email protected]> * Try with proper way to update helper method (#19) * Set minimum test coverage (saml-idp#207) * Set minimum test coverage to a very high value for testing * Update minimum coverage to actual current value * Try with proper way to update helper method * Correctly decode and mock with correct REXML class * Drop the min coverage --------- Co-authored-by: Mathieu Jobin <[email protected]> Co-authored-by: zogoo <[email protected]> * [feat] Collect request validation errors (#18) * wip add error collector * Fix type and rewrite request with proper validation test cases * Lead error render decision to gem user * Validate the certificate's existence before verifying the signature. --------- Co-authored-by: zogoo <[email protected]> * Support lowercase percent-encoded sequences for URL encoding (#20) Co-authored-by: zogoo <[email protected]> * [fix] Gem CI updates for latest versions (#22) * Remove duplications * Pre-conditions need to be defined in before section * Le's not test logger in here --------- Co-authored-by: zogoo <[email protected]> * [fix] Allow IdP set reference ID for SAML response (#21) * Pass ref id as Session Index * Official Rails 8 is not released yet to RubyGem until that let's stick official older version --------- Co-authored-by: zogoo <[email protected]> * Support rails 8 for dev env (#23) Co-authored-by: zogoo <[email protected]> * Assertion flag should able switchable by application (#24) Co-authored-by: zogoo <[email protected]> * concurrent-ruby v1.3.5 has removed the dependency on logger --------- Co-authored-by: zogoo <[email protected]> Co-authored-by: Mathieu Jobin <[email protected]>
Zogoo · Jan 21, 2025 · 9780e65 · 9780e65
1 parent 78c1868
commit 9780e65
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/gemfiles/rails_5.2.gemfile b/gemfiles/rails_5.2.gemfile
@@ -4,5 +4,6 @@ source "https://rubygems.org"
 
 gem "rails", "~> 5.2.4"
 gem "activeresource", "~> 5.1.0"
+gem 'concurrent-ruby', '1.3.4'
 
 gemspec path: "../"
diff --git a/gemfiles/rails_6.1.gemfile b/gemfiles/rails_6.1.gemfile
@@ -4,5 +4,6 @@ source "https://rubygems.org"
 
 gem "rails", "~> 6.1.0"
 gem "activeresource", "~> 5.1.0"
+gem 'concurrent-ruby', '1.3.4'
 
 gemspec path: "../"
diff --git a/gemfiles/rails_7.0.gemfile b/gemfiles/rails_7.0.gemfile
@@ -4,5 +4,6 @@ source "https://rubygems.org"
 
 gem "rails", "~> 7.0.0"
 gem "activeresource", "~> 6.0.0"
+gem 'concurrent-ruby', '1.3.4'
 
 gemspec path: "../"
diff --git a/lib/saml_idp/controller.rb b/lib/saml_idp/controller.rb
@@ -34,10 +34,7 @@ def acs_url
 
     def validate_saml_request(raw_saml_request = params[:SAMLRequest])
       decode_request(raw_saml_request, params[:Signature], params[:SigAlg], params[:RelayState])
-      return true if valid_saml_request?
-
-      head :forbidden if defined?(::Rails)
-      false
+      valid_saml_request?
     end
 
     def decode_request(raw_saml_request, signature, sig_algorithm, relay_state)